You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Tom Bednarz <li...@bednarz.ch> on 2004/04/07 19:08:43 UTC
Container vs application managed security - Role checking
After reading lots of online docs and parts of 'Struts in Action' I decided to stay with my implementation of application managed security. However I like to make use of a new feature introduced in Struts 1.1: role checking for actions.
As far as I understand it, I need to make my own implementation of processRoles in class RequestProcessor.
The question is:
When I subclass RequestProcessor, where do I have to put this class? Separate JAR file or can it go somewhere inside my web application? I subclassed the Action class and derived all actions from that class. That worked fine inside the app. But I do not see any direct calls to RequestProcessor, this seems to be done inside the framework.
Can somebody help?
Many thanks.
Tom